Jenkins X Security
The Jenkins X project takes security seriously. We make every possible effort to ensure users can adequately secure their automation infrastructure. To that end, we work with Jenkins X platform and app developers, as well as security researchers, to fix security vulnerabilities in Jenkins X in a timely manner, and to improve the security of Jenkins X in general.
How to Report a Security Vulnerability
If you find a vulnerability in Jenkins X, please report it by sending an email to the SECURITY maintainer mailing list. Please do not report security issues in the github tracker.
By restricting access to this potentially sensitive information, we can work on a fix and deliver it before the method of attack becomes well-known.
Vulnerabilities in Apps
Whilst the Jenkins X team is not responsible for the quality of third party apps, please still use the above reporting mechanism and we will co-ordinate with the app developer to ensure a fix in a secure maner.
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.